Cloud DNS & Shared VPC design

Usage

This blueprint shows how to create reusable and modular Cloud DNS architectures when using Shared VPC.

The goal is to provision dedicated Cloud DNS instances for application teams that want to manage their own DNS records, and configure DNS peering to ensure name resolution works in a common Shared VPC.

The blueprint will:

  • Create a GCP project per application team based on the teams input variable
  • Create a VPC and Cloud DNS instance per application team
  • Create a Cloud DNS private zone per application team in the form of [teamname].[dns_domain], with teamname and dns_domain based on input variables
  • Configure DNS peering for each private zone from the Shared VPC to the DNS VPC of each application team

The resources created in this blueprint are shown in the high level diagram below:

Note that Terraform 0.13 or later is required, because the blueprint uses for_each with modules.
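The per-team private zone and the peering zone from the Shared VPC, written with plain google provider resources. This is an added example, not the blueprint's own code. `team_project_ids` and the resource names are assumptions made here, and the projects are taken as already existing rather than created.

```hcl
# Added example, not the blueprint's source. var.team_project_ids is a hypothetical
# input (team name => existing project ID); the blueprint creates the projects itself.
variable "teams" { type = list(string) }
variable "dns_domain" { type = string }
variable "shared_vpc_link" { type = string }
variable "team_project_ids" { type = map(string) }

# Dedicated DNS VPC per team (resource names are constructed for this example).
resource "google_compute_network" "dns" {
  for_each                = toset(var.teams)
  project                 = var.team_project_ids[each.key]
  name                    = "${each.key}-dns"
  auto_create_subnetworks = false
}

# Private zone [teamname].[dns_domain], visible only to the team's own DNS VPC.
resource "google_dns_managed_zone" "team" {
  for_each   = toset(var.teams)
  project    = var.team_project_ids[each.key]
  name       = "${each.key}-private"
  dns_name   = "${each.key}.${var.dns_domain}."
  visibility = "private"
  private_visibility_config {
    networks { network_url = google_compute_network.dns[each.key].id }
  }
}

# Peering zone bound to the Shared VPC: queries for the team's subdomain are
# resolved in the team's DNS VPC. Because dns_name is the team's subdomain,
# only names under it are handed to that team's zones.
# The identity applying this must be allowed to bind zones to the Shared VPC.
resource "google_dns_managed_zone" "peering" {
  for_each   = toset(var.teams)
  project    = var.team_project_ids[each.key]
  name       = "${each.key}-peering"
  dns_name   = "${each.key}.${var.dns_domain}."
  visibility = "private"
  private_visibility_config {
    networks { network_url = var.shared_vpc_link }
  }
  peering_config {
    target_network { network_url = google_compute_network.dns[each.key].id }
  }
}
```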

Variables

| name | description | type | required | default |
|---|---|---|---|---|
| billing_account_id | Billing account associated with the GCP Projects that will be created for each team. | string | | |
| folder_id | Folder ID in which DNS projects will be created. | string | | |
| prefix | Prefix used for resource names. | string | | |
| shared_vpc_link | Shared VPC self link, used for DNS peering. | string | | |
| dns_domain | DNS domain under which each application team DNS domain will be created. | string | | "example.org" |
| project_services | Service APIs enabled by default. | list(string) | | […] |
| teams | List of application teams requiring their own Cloud DNS instance. | list(string) | | […] |

Outputs

| name | description | sensitive |
|---|---|---|
| teams | Team resources. | |

Test

module "test" {
  source             = "./fabric/blueprints/cloud-operations/dns-shared-vpc"
  billing_account_id = "111111-222222-333333"
  folder_id          = "folders/1234567890"
  prefix             = "test"
  shared_vpc_link    = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default"
  teams              = ["team1", "team2"]
}
# tftest modules=9 resources=22